unable to deploy the the AWS cloud migration factory solution

0

I am trying to deploy the cloud migration factory in aws using cloud formation template download from here https://solutions-reference.s3.amazonaws.com/cloud-migration-factory-on-aws/latest/aws-cloud-migration-factory-solution.template

but it failed deploy and rollbacked immediately. Enter image description here

I have seen that few resources failed to create, i am clueless as i have used admin user and even root user as well.

Can some one check and help ?

Mohan
質問済み 1年前334ビュー
3回答
0
承認された回答

Hello.

Although it is not visible in the image, the reason why resource creation failed may be listed in the "Status reason" column.
Could you please share the "Status reason" column?

profile picture
エキスパート
回答済み 1年前
0

Thanks for the reply.
I deployed using the same template in my environment and saw the same error.
The cause of the error is unknown, but OAI itself is an old control method, so I used OAC to control it, and the deployment was successful.
The change should be made around line 227 to the following template.

  FrontEndBucketPolicy:
    Condition: DeployCloudFront
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref FrontEndBucket
      PolicyDocument:
        Statement:
        - Action: s3:GetObject
          Effect: Allow
          Resource: !Sub ${FrontEndBucket.Arn}/*
          Principal:
            Service: cloudfront.amazonaws.com
          Condition:
            StringEquals:
              AWS:SourceArn: !Sub arn:aws:cloudfront::${AWS::AccountId}:distribution/${CloudfrontDistribution}

  CloudFrontOriginAccessControl:
    Condition: DeployCloudFront
    Type: AWS::CloudFront::OriginAccessControl
    Properties: 
      OriginAccessControlConfig:
        Description: Default Origin Access Control
        Name: !Ref AWS::StackName
        OriginAccessControlOriginType: s3
        SigningBehavior: always
        SigningProtocol: sigv4

  CloudfrontDistribution:
    Condition: DeployCloudFront
    DependsOn: CloudFrontFunction
    Type: AWS::CloudFront::Distribution
    Properties:
      Tags:
        -
          Key: application
          Value: !Ref Application
        -
          Key: environment
          Value: !Ref Environment
        -
          Key: Name
          Value: !Sub ${Application}-${Environment}-CloudFrontDistribution
      DistributionConfig:
        WebACLId:
          !If
          - DeployWAF
          - !GetAtt WAFFEStack.Outputs.WAFFEACLArn
          - !Ref 'AWS::NoValue'
        Enabled: true
        PriceClass: 'PriceClass_100'
        DefaultRootObject: 'index.html'
        ViewerCertificate:
          CloudFrontDefaultCertificate: true
          MinimumProtocolVersion: TLSv1.2_2018
        CustomErrorResponses:
          - ErrorCachingMinTTL: 300
            ErrorCode: 403
            ResponseCode: 200
            ResponsePagePath: '/index.html'
        HttpVersion: http2
        DefaultCacheBehavior:
          AllowedMethods:
            - HEAD
            - DELETE
            - POST
            - GET
            - OPTIONS
            - PUT
            - PATCH
          ForwardedValues:
            QueryString: false
          TargetOriginId: !Sub S3-${FrontEndBucket}
          ViewerProtocolPolicy: redirect-to-https
          FunctionAssociations:
            - EventType: viewer-response
              FunctionARN: !GetAtt CloudFrontFunction.FunctionMetadata.FunctionARN
        IPV6Enabled: true
        Logging:
          Bucket: !GetAtt AccessLoggingBucket.DomainName
        Origins:
          - DomainName: !GetAtt FrontEndBucket.DomainName
            Id: !Sub S3-${FrontEndBucket}
            S3OriginConfig:
              OriginAccessIdentity: ''
            OriginAccessControlId: !GetAtt CloudFrontOriginAccessControl.Id
    Metadata:
      cfn_nag:
        rules_to_suppress:
          - id: W70
            reason: "It is already TLSv1.2_2018"
profile picture
エキスパート
回答済み 1年前
profile picture
エキスパート
レビュー済み 5ヶ月前
0

Please check the screens hotEnter image description here

Mohan
回答済み 1年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ